This is a discussion on HttpURLConnection and Identity Certs - Weblogic ; Hello, I'm a newbie when it comes to Weblogic, so please forgive me if this question is a bit mundane. We currently have the need to perform an HTTP POST to another server from within our J2EE application. We are ...
Hello,
I'm a newbie when it comes to Weblogic, so please forgive me if this
question is a bit mundane.
We currently have the need to perform an HTTP POST to another server
from within our J2EE application. We are using HttpURLConnection to
perform the post.
We now require that this connection be an HTTPS connection and that the
client (our BEA application) present a client certificate for the
request.
I understand (or think I do) that we need to configure a security realm
for the application and ceate some custom keystores containing our
trusted CAs (for the target server) and our identity certificates and
private keys (for our client).
My question is: is there a clean/easy way to specify this keystore from
the HttpURLConnection object?
Obviously, we want to avoid hard-coding passwords and keystore
locations. So I am hoping that we will be able to simply specify an
alias somehow and leave the configuration of the other items to the
security realm. I am assuming that by associating our application with
the security realm, that it will use these parameters and automatically
use the appropriate identity cert, or at a minimum use the one we
specify via the alias.
Any advice on this subject would be greatly appreciated.
Thanks,
Mark
